From 14f1ec186f87ce50037044ccb079463676518ec5 Mon Sep 17 00:00:00 2001
From: Allan Sandfeld Jensen <allan.jensen@qt.io>
Date: Wed, 13 Feb 2019 11:31:14 +0100
Subject: Make bytes-per-line safe for int overflow

Goes through the Qt code and make sure bytes-per-line calculations are
safe when they are too big for 32bit integers.

Change-Id: I88b2d74b3da82e91407d316aa932a4a37587c0cf
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
---
 src/plugins/imageformats/ico/qicohandler.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/plugins/imageformats/ico')

diff --git a/src/plugins/imageformats/ico/qicohandler.cpp b/src/plugins/imageformats/ico/qicohandler.cpp
index eb50f52bd6..1982e05344 100644
--- a/src/plugins/imageformats/ico/qicohandler.cpp
+++ b/src/plugins/imageformats/ico/qicohandler.cpp
@@ -356,7 +356,7 @@ void ICOReader::read1BitBMP(QImage & image)
     if (iod) {
 
         int h = image.height();
-        int bpl = image.bytesPerLine();
+        qsizetype bpl = image.bytesPerLine();
 
         while (--h >= 0) {
             if (iod->read((char*)image.scanLine(h),bpl) != bpl) {
@@ -405,7 +405,7 @@ void ICOReader::read8BitBMP(QImage & image)
     if (iod) {
 
         int h = icoAttrib.h;
-        int bpl = image.bytesPerLine();
+        qsizetype bpl = image.bytesPerLine();
 
         while (--h >= 0) {
             if (iod->read((char *)image.scanLine(h), bpl) != bpl) {
@@ -425,7 +425,7 @@ void ICOReader::read16_24_32BMP(QImage & image)
         QRgb *p;
         QRgb  *end;
         uchar *buf = new uchar[image.bytesPerLine()];
-        int    bpl = ((icoAttrib.w*icoAttrib.nbits+31)/32)*4;
+        qsizetype    bpl = ((qsizetype(icoAttrib.w)*icoAttrib.nbits+31)/32)*4;
         uchar *b;
 
         while (--h >= 0) {
-- 
cgit v1.2.3